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Real-time protocol analysis for detecting link-state routing protocol attacks 
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Issue 1 

Full text available: 1 ^Ddf(252.10 KB) Additional Information: full citation , abstract, references, dtings, index 
^^^^"^ yV terms 

A real-tinne knowledge-based network intrusion-detection model for a link-state routing 
protocol is presented for the OSPF protocol. This model includes three layers: a data process 
layer to parse packets^an^ dispatch data; and event abstractor to abstract predefined real- 
time events for the^lml<-state routing protocol; and an extended timed finite state machine 
to express the real-time behavior of the protocol engine and to ... 
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communications security - 
Full text available* fijl pdf(234 97 KB) Additional Infomriation: full citation , abstract , references , citings , index 
^^^^ terms 

We present the first idealized^cryptographic library that can be used like the Dolev-Yao 
model for automated proofs of cryptographic protocols that use nested cryptographic 
operations, while coming^with a cryptographic implementation that is provably secure under 
active attacks. ^ 

Keywords: cryptographicaily composable operators, cryptography, security analysis of 
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4 Stateful distributed interposition Q 
John Reumann, Kang G. Shin 

February 2004 ACM Transactions on C mputer Systems (TOCS), volume 22 issue 1 

Full text available: ^ pclf{833.84 KB) Additional Information: full citation , abstract , references , index terms 

Interposition-based system enhancennents for multltlered servers are difficult to build 
because innportant system context is typically lost at application and machine boundaries. 
For example, resource quotas and user identities do not propagate easily between 
cooperating services that execute on different hosts or that communicate with each other 
via intermediary services. Application-transparent system enhancement is difficult to 
achieve whep such context information is obscured by complex servic ... 

Keywords: Distributed computing, component services, distributed context, multitiered 
services, operating systems, server consolidation 
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Luiz Felipe Perrone, David M. Nicol 

December 2002 Proceedings of tlie 34tli conference on Winter simulation: exploring 
new frontiers 

Full text available: ^pdfd 45.44 KB) Additional Information: full citation , abstract , references 

Large clouds of tiny devices capable of computation, communication and sensing, goal of the 
Smart Dust project, will soon become a reality. Hardware miniaturization is shrinking 
devices and research in software is producing applications that allow devices to 
communicate and cooperate toward a common goal. Success on the software front hinges 
on the design of algorithms that can scale up with system size. Given that the number of 
individual cooperating devices will reach high orders of magnitu ... 
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Sonja Buchegger, Jean-Yves Le Boudec 

June 2002 Proceedings of the 3rd ACM international symposium on Mobile ad hoc 
networking & computing 

Full text available* fijpdf (187.16 KB) Additional Infornnation: full citation , abstract , references , citings , index 

Mobile ad-hoc networking works properly only if the participating nodes cooperate in routing 
and forwarding. However,it may be advantageous for individual nodes not to cooperate. We 
propose a protocol, called CONFIDANT, for making misbehavior unattractive; it is based on 
selective altruism and utilitarianism. It aims at detecting and isolating misbehaving nodes, 
thus making it unattractive to deny cooperation. Trust relationships and routing decisions 
are based on experienced, observed, or repor ... 

Keywords: cooperation, fairness, mobile ad-hoc networks, reputation, robustness, routing, 
trust 



http://portaLacm.org/results.cfin?coll=ACM&dl=ACM&CFro=35173522&CFTOKEN=70 1/5/05 



Results (page 1): +"finite state machine" ^"network security" Page 3 of 4 



What packets may come: automata for network monitoring 
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|ianuary2001 ACM SIGPLAN N tices , Pr ceedings f the 28th ACM SIGPLAN-SIGACT 

symposium on Principles of programming languages, volume 36 issue 3 
Full text available: ^ pclf(284.05 KB) / Additional Infomnation: full citation , abstract , references , index terms 

We consider the problenn.of nnonitoring an interactive device, such as an implementation of 
a network protocol, in ofder to check whether its execution is consistent with its 
specification. At rst glance, it appears that a monitor could simply follow the input-output 
trace of the device and check it against the specification. However, if the monitor is able to 
observe inputs and outputs only from a vantage point external to the device— as is typically 
the case— the prpblem becomes surphs ... 
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A model for verification of data security in operating systems 
Gerald J. Popek, David A. Farber 

September 1978 Communications of the ACM, volume 21 issue 9 

Full text available: pdf(1.49 MB) Additional Information: full citation , abstract , references , citings , index 
^ terms 

Program verification applied to kernel architectures forms a promising method for providing 
uncircumventably secure, shared computer systems. A precise definition of data security is 
developed here in terms of a general model for operating systems. This model is suitable as 
a basis for verifying many of those properties of an operating system which are necessary to 
assure reliable enforcement of security. The application of this approach to the UCLA secure 
operating system is also discussed ... 

Keywords: operating systems, program verification, protection, security 
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Full text available: P|pdf(631.57 KB) Additional Information: full citation , abstract, references , dtiogs, index 
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Wireless networks are characterized by simple end devices and limited bandwidth. One 
solution to address these and other limitations of the wireless mobile environment that has 
been widely pursued is the placement of proxies, or agents, inside the network to assist with 
application processing that would normally take place on end devices. These agents can 
additionally manipulate data to reduce bandwidth requirements and assist in providing 
services. The design and implementation of a user a ... 

''^ Su pporting personal mobility for nomadic computing over the internet 
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This paper presents a new paradigm for nomadic computing over the Internet called 
universal personal computing (UPC), where mobile users can access computing resources, 
network services, and personalized computing environments anywhere using any available 
terminals. The concept of UPC and system design issues are discussed, and the required 
system architecture capable of managing different mobile objects, i.e., users and terminals, 
in the UPC environment is presented. Modifications of connection ... 
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